remram
6 hours ago
If you call this a "dead man's switch" I'd expect it to turn my app off when I die. E.g. "switch" something when something happens to a "man".
Your own README links to this definition: "A dead man's switch is a switch that is designed to be activated or deactivated if the human operator becomes incapacitated".
This is a watchdog timer / monitor / heartbeat, setting off an alert if a timer elapses.
aftbit
6 hours ago
The "original" dead man switch as I heard about it was a pedal on a train that would apply the brakes if the operator released it.
I've often wondered about how to reliably take software actions after my death or dishonor. After all, you can't really rely on me being able to pay my bills. I'm not looking to do something expensive, more like delete my accounts and send some messages.
xnorswap
6 hours ago
> I've often wondered about how to reliably take software actions after my death
This is actually fairly simple and well understood: leave instructions in your will.
"Notify <Provider> to delete my account" is a perfectly valid instruction to leave for an executor.
You could leave behind a password cache with a master password left in your will, but I suspect much of this still runs on trust. I'd imagine (I haven't tried), that "X has died, please take action Y" is a fairly reliable social engineering vector if you have a convincing "proof" that X has died.
It's worth noting that the executor isn't hard forced to carry out your wishes, the legal recourse for them not doing so comes from other beneficiaries ability to take legal action against the executor. If those other beneficiaries don't care much for enforcement, then you might prefer technical methods such as the submission.
ryandrake
5 hours ago
I keep a "death README" with all of my online and offline account credentials and phone unlock codes, PII that might be needed to authenticate w/ various companies' services, copies of wills, trusts, powers of attorney, health care proxies and so on, copies of all vital docs like marriage certificate, birth certificates, home router SSIDs and passwords, information about doctors, health insurance, life insurance, all financial accounts and brokerages, approximate balances, bills and how to pay them, tax returns and how to file them, a list of recurring expenses and how to pay them, property w/ approximate values, and so on. A hardcopy is kept in our house where next of kin can find it if needed without knowing a safe combination, but casual robbers wouldn't stumble across.
fragmede
an hour ago
Why without the safe combination? Not to out myself but mines in a safe. If I'm dead I expect my next of kin to crow bar it open but if I'm not, I'd rather not have anybody else access that.
echoangle
5 hours ago
The „X has died, please take action Y“ thing also only works if the service reliably knows that the account belongs to X. My executor can’t delete my HN account because he can’t prove it’s actually my account (without getting the password).
ssl-3
4 hours ago
Can it not be cryptographically proven?
Leave a public key in your HN bio.
And leave a matching private key and validation instructions in your will.
If the keys match along with a death certificate, then: The account owner is validated as being dead.
PeterisP
3 hours ago
It's not about it being impossible to cryptographically prove/validate it, but rather about services choosing to not attempt to try to validate it. They generally don't provide such an option, because it's tricky, somewhat manual, has certain costs and risks, and no benefit to the service provider.
If some law prescribes that after following a certain verification process, the operator is required to delete the account, then that legally mandated process would work, but in the absence of such a law literally no process can be sufficient, because the operators can and will choose to ignore it, no matter how reliable it is.
echoangle
4 hours ago
If I prepare for it, sure. At that point, I can just leave my password though. I was responding to the point that you don’t need to leave the password because a death certificate would be enough.
ssl-3
3 hours ago
Aye, indeed.
But maybe I don't want to leave my password behind because I'm weird that way or something, and instead I just want my account nuked.
Cryptographic proof of ownership by the dead guy + death certificate should allow for account nuking, without allowing for a third party to do something else with my account.
(Not that I'm worried about it, myself. In fact, I've found all of these dead man's switch/after-death automations pretty amusing every time I've seen them pop up in the past couple of decades.
I mean: When I'm dead, my HN/Google/whatever accounts will become idle, and I'm dead AF so I don't care if someone hacks the passwords some time later. It's a non-refundable one-way ticket for me.)
Muromec
3 hours ago
> After all, you can't really rely on me being able to pay my bills.
Bit that's exact trigger you wat.
Make something that keeps running while you pay bills and stops running after you no longer pay them. Pay those bills from your current account.
Make another something that periodically checks the status of the first system to be operational. After sufficiently long periode of failures activatie the cleanup crew.
Pay for the second system from a savings account, trust, llc or some other way that is not deactivated once you die
edm0nd
6 hours ago
Would be cool to have some kind of "deadmans infra AI or bot" that would auto fund your server bills for X amount of additional months/years and then send out emails and post a notice you have died and your service EOL is estimated to be X or Y.
I also suppose you would have to also roll in some kind of automated patching and etc into it which would be rather difficult and break a lot of thing if went bad but some kind of "self healing" bot could perhaps also look after this part to fix anything should it break.
Also kinda opens up an entirely new attack vector. Threat actors could scan for these notices and go "hey this person is dead. lets hack their stuffs".
LorenPechtel
23 minutes ago
In the US we already have a system that could be used and would be hard to spoof but I am not aware of anyone implementing it. It has a delay of months built into it.
Specifically, the Social Security Death Index. Some months after you die your Social Security number gets listed. It's meant to prevent impersonating a dead person but could be used to shut down accounts etc.
DowagerDave
6 hours ago
>> after my death or dishonor
honest question: why do you care?
vincnetas
6 hours ago
if you care about people that you leave behind...
fragmede
an hour ago
I cared about these people when I was alive, why would that stop because I'm dead? If a meteor struck me dead in my bed, I'd want the survivors to be able to use my stuff to make their lives better.
I had a friend pass and his fiance was in need of money but he didn't leave the password to access the crypto, so it's lost forever. If I die unexpectedly, I'd at least want it to not be lost forever.
nurettin
6 hours ago
From experience, it is a huge inconvenience to people surviving the deceased leaving without any way to pay their debits. And if you don't care about what happens after you die, why did you even care when alive? Why not always be a dick? At least it is consistent.
LorenPechtel
20 minutes ago
How to pay??
Two experiences with this. Companies don't particularly care who pays the bill. They send a bill, they get money, they don't care if the person who paid is the person. In fact, in my recent brush with such matters the company specifically knew the person was dead when they accepted the payment.
What's hard is getting access to their money to pay debts with.
hotspot_one
5 hours ago
Under US law, the debts die with the person. You are under no obligation to repay your parent's debts. Now if the debt is tied to a house (mortgage) or a car (car loan), you might lose the house/car if you don't pay, but you do not have an obligation to pay. Likewise failure to pay will not impact your credit.
So if I die in debt up to my eyeballs, and if I am sole signatory on those debts, I have only hurt my creditors, not my family.
caveats-- if my family was counting on the house and I have an unaffordable mortgage, then yes I have caused them harm. Likewise other irresponsible debts.
-- at the end of the chain, creditors are also people. It is their job to loan money at risk, so their loss is their problem, but this assumes I was dealing in good faith when I took the loan.
groby_b
5 hours ago
The debts very much don't die with the person - the estate is on the hook to pay your debts before distributing to heirs.
Obviously, with some "it depends" nuance - but if the difference between this and your world view would make a significant difference to your loved ones, you might want to talk to an attorney.
SoftTalker
4 hours ago
Correct, but if you die broke, nobody else is on the hook to pay your debts, unless that person cosigned a loan or something like that.
PeterisP
3 hours ago
Sure, but it would be reasonable to assume that most people in this forum won't die broke.
SoftTalker
an hour ago
Dying broke is a goal for many people. And a lot of people who earn a lot of money still end up broke because they never really learned how to manage it and are easy manupulated by "managers." See esp. professional athletes, celebrities, musical artists who hit it big -- anyone who jumps from near or actually in poverty to very wealthy in a short period of time.
I am sure that there is no shortage of developers who hit a big payday at a FAANG or startup and then spent like it would never end.
Roscius
an hour ago
Dying broke is the optimal way to die.
The definition of broke could be the residual after the planned distributions to heirs. Or if no heirs, dying flat broke makes the most sense. Getting there is tricky.
IIAOPSW
2 hours ago
As a point of interest, trains still have these. Though it usually takes the form of a somewhat sporadic alarm and an acknowledgement buzzer. Reaction time to the buzzer somewhat influences the interval of the next one.
adamdecaf
6 hours ago
Yea the idea is that if your service doesn’t check-in then a preconfigured alert triggers.
greiskul
6 hours ago
Google has an option for what to do with your account if you are inactive for a set period of time. So you can choose what to delete, and what to give access to someone you want. You can also have it send emails to up to 10 people, with whatever message you want.
BrandoElFollito
6 hours ago
What is "dishonor" in that context? (Sorry, not a native speaker of English)
LorenPechtel
17 minutes ago
(Native speaker) Wrong, but the intent was clearly that they were out of it for whatever reason. And since the true purpose of language is to communicate and it does that is it truly wrong?
eep_social
5 hours ago
As a native speaker, I don’t think the phrasing is idiomatic but I read it to mean imprisoned or otherwise out of society without actually being dead.
aftbit
4 hours ago
Yes, you got it 100%. I agree, it is not idiomatic, but was intended to call back the "death before dishonor" trope that your sibling commenter mentioned. I intended "dishonor" to cover a number of cases short of my death where I might be unable to continue to care for my obligations for a long period of time. For example, imprisoned, deplatformed, critically injured in a coma, lost in a serious mental health crisis, etc. In some ways, handling that is a harder challenge than handling death, as there are fewer well-worn paths to follow.
meindnoch
5 hours ago
It doesn't mean anything, because it is wrong. The correct idiom is "death before dishonor", which means that one would choose death instead of doing something disgraceful/shameful.
superb_dev
4 hours ago
That doesn’t make sense in the context
asdfman123
6 hours ago
I thought this was going to be some way to exact retribution on your employer after being laid off
hinkley
5 hours ago
That is the typical scenario in the context of software.
Not that it happens often, but that the incidents are so memorable.
duggan
6 hours ago
Routinely surprised that there are adult human beings that do this, but so it goes.
asdfman123
5 hours ago
I would never do it myself. Move on with your life!
I did know a guy who worked at a major corporation explain his dead man switch like it was the most normal thing in the world, though. Extremely cursed.
hinkley
5 hours ago
I could see people in a somewhat toxic situation do things like this but it’s better to get out.
Especially if there’s some complex onerous task that needs to happen and you get no credit for doing it well. Leave, and let them find out what it’s like being one of the other characters in It’s a Wonderful Life in the worst timeline.
John_Cena
6 hours ago
Naw, in the modern world only people like Bench Simmons get guaranteed contracts. :|
vorpalhex
6 hours ago
Wire in pagerduty to whatever your action is. Ideally distributed on multiple infra pieces. This is just the switch side not the action side.
Normally deadmans switches can be compromised by disrupting the deadman switch hardware. This removes that attack vector and pushes it further up the chain (which may or may not help you).
It's certainly very clever.
adamdecaf
6 hours ago
Thanks. We already rely on PD so preconfiguring the alert/snooze isn’t additional risk for us.